Billions of accounts have been compromised. From Yahoo’s multiple breaches to Facebook's Cambridge Analytica scandal and Equifax’s data leakages, no one is safe from malicious hacks. In short, the cyber world is becoming increasingly hostile and its not just big businesses that need to worry.
Every single person using the internet today should use proven password strategies. Take steps to make your personal information safer by following these seven password tips.
#1 Use a password generator
There are a few tried-and-true password policies. Keep passwords long (longer than eight characters), avoid words you can find in a dictionary (use nonsense letter combinations), combine numbers, letters and special characters.
You don’t need to remember all of this though. You can leverage strong password generators to create ultra-secure passwords in a matter of seconds.
#2 Never use the same password twice
Once you find a strong password, it can be tempting to use it for all of your favourite websites. You should resist this temptation. Think about it: if a malicious hacker cracks your password for one account, they could gain access to the rest before you realise anything is amiss. A reused password could potentially compromise all of your personal information.
Use a unique password for every single one of your accounts. While it’s easier to use one password for everything, it will leave you far too vulnerable. The cons outweigh the convenience. Stay safe by creating a separate password for every single account.
#3 Manage passwords with free software
Remembering passwords can be cumbersome. In fact, sometimes it can be downright dangerous. Juggling multiple passwords could lead to getting locked out of accounts. Even worse, it could drive you to save your passwords in an unencrypted document.
Don’t fret about remembering or storing passwords yourself. Use a password manager like LastPass to ensure you never forget another password. (With that said, be mindful that password managers aren't completely fail safe - they are subject to security breaches and vulnerabilities just like any other online service. In other words, do your homework before signing up.)
#4 Don’t save your passwords to your browser
Using a password manager will take a lot of the pain out of storing passwords. If you’re using a password manager, you won’t need to save those passwords to your browser. This information can be easily lost, compromised, or hacked, so you’ll want to avoid relying on your browser’s password storage system.
#5 Enable multi-factor authentication
Make your account safer by enabling multi-factor authentication. What is multi-factor authentication? It’s simply a mechanism by which a website requires two or more passwords to get into an account.
So, for example, if you’ve enabled two-factor authentication for your Gmail account, you’ll first enter your username and password, then you’ll receive a six-digit code through a secure SMS. When prompted, you enter the code on your browser — et voila - you have gained access to your account.
#6 Change passwords for compromised accounts
Even if you’ve done well to keep your passwords secure, there’s no way to guarantee that your personal information is safe, especially when you’re relying on third-party institutions. For this reason, it’s important to check if any of your accounts have been compromised through services like HaveIBeenPwned.com. This is an especially important practice for online business owners.
If you find that one of your accounts has been compromised, don’t panic. There are a few actionable steps you can take to prevent further damage. Change your passwords for compromised accounts immediately. Continue to monitor these accounts closely. If need be, change your passwords for these accounts frequently.
#7 Rotate passwords every six months
You can’t check if you’ve been compromised all the time. Breaches happen, whether we like it or not, but we can’t stay locked in on important cybersecurity issues twenty-four hours a day. To combat hackers, you can take a more measured approach.
Simply rotate passwords every few months. Rotating passwords prevents hackers from being able to access any of your accounts for too long. If you change passwords every six months, in theory, a hacker could only access this account for half a year. Limiting the time window in which hackers have an opportunity to exploit you greatly minimizes your exposure.
We can’t protect ourselves from every danger lurking in cyberspace, but we can take some preventative measures. Protecting your personal data requires diligence, vigilance, and patience, but can be done. Using password strategies to ensure that your accounts are virtually unbreakable will provide you with digital security.
Generate strong passwords, keep your passwords unique, and manage those passwords with a service like LastPass. Add two-factor authentication where you can to make your accounts extra secure.
Remember to avoid relying on your browser’s password storage system as browsers can be unreliable. Change your passwords for compromised accounts immediately. For every other account, change your password every few months or so. That way, if a breach goes unnoticed, the damage is mitigated.
Charles Dearing is a veteran security journalist with over 15 years of experience. He has written for various publications including ProBlogger, Big Think and Apps World.